84 	int rc;  in verify_signature()  local
93 	rc = mbedtls_asn1_get_alg(&p, end, &sig_oid, &sig_params);  in verify_signature()
94 	if (rc != 0) {  in verify_signature()
99 	rc = mbedtls_x509_get_sig_alg(&sig_oid, &sig_params, &md_alg, &pk_alg, &sig_opts);  in verify_signature()
100 	if (rc != 0) {  in verify_signature()
108 	rc = mbedtls_pk_parse_subpubkey(&p, end, &pk);  in verify_signature()
109 	if (rc != 0) {  in verify_signature()
110 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
118 	rc = mbedtls_asn1_get_bitstring_null(&p, end, &signature.len);  in verify_signature()
119 	if ((rc != 0) || ((size_t)(end - p) != signature.len)) {  in verify_signature()
120 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
128 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
132 	rc = mbedtls_md(md_info, p, data_len, hash);  in verify_signature()
133 	if (rc != 0) {  in verify_signature()
134 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
139 	rc = mbedtls_pk_verify_ext(pk_alg, sig_opts, &pk, md_alg, hash,  in verify_signature()
142 	if (rc != 0) {  in verify_signature()
143 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
148 	rc = CRYPTO_SUCCESS;  in verify_signature()
154 	return rc;  in verify_signature()
172 	int rc;  in verify_hash()  local
181 	rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |  in verify_hash()
183 	if (rc != 0) {  in verify_hash()
190 	rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, &params);  in verify_hash()
191 	if (rc != 0) {  in verify_hash()
195 	rc = mbedtls_oid_get_md_alg(&hash_oid, &md_alg);  in verify_hash()
196 	if (rc != 0) {  in verify_hash()
206 	rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);  in verify_hash()
207 	if ((rc != 0) || ((size_t)(end - p) != len)) {  in verify_hash()
219 	rc = mbedtls_md(md_info, p, data_len, data_hash);  in verify_hash()
220 	if (rc != 0) {  in verify_hash()
225 	rc = memcmp(data_hash, hash, mbedtls_md_get_size(md_info));  in verify_hash()
226 	if (rc != 0) {  in verify_hash()
300 	int diff, i, rc;  in aes_gcm_decrypt()  local
305 	rc = mbedtls_gcm_setkey(&ctx, cipher, key, key_len * 8);  in aes_gcm_decrypt()
306 	if (rc != 0) {  in aes_gcm_decrypt()
307 		rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
312 	rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len, NULL, 0);  in aes_gcm_decrypt()
314 	rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len);  in aes_gcm_decrypt()
316 	if (rc != 0) {  in aes_gcm_decrypt()
317 		rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
325 		rc = mbedtls_gcm_update(&ctx, dec_len, pt, buf);  in aes_gcm_decrypt()
327 		rc = mbedtls_gcm_update(&ctx, pt, dec_len, buf, sizeof(buf), &output_length);  in aes_gcm_decrypt()
330 		if (rc != 0) {  in aes_gcm_decrypt()
331 			rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
341 	rc = mbedtls_gcm_finish(&ctx, tag_buf, sizeof(tag_buf));  in aes_gcm_decrypt()
343 	rc = mbedtls_gcm_finish(&ctx, NULL, 0, &output_length, tag_buf, sizeof(tag_buf));  in aes_gcm_decrypt()
346 	if (rc != 0) {  in aes_gcm_decrypt()
347 		rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
356 		rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
361 	rc = CRYPTO_SUCCESS;  in aes_gcm_decrypt()
365 	return rc;  in aes_gcm_decrypt()
377 	int rc;  in auth_decrypt()  local
383 		rc = aes_gcm_decrypt(data_ptr, len, key, key_len, iv, iv_len,  in auth_decrypt()
385 		if (rc != 0)  in auth_decrypt()
386 			return rc;  in auth_decrypt()